Slashdot Mirror
SGI's Letter to the Linux Community
_Upsilon_ writes "SGI has released a letter to the Linux community in response to SCO's recent threat to revoke the UNIX licence for Irix. The letter mentions that they inadvertently did submit some System V code into the Linux kernel, that has since been removed (and some more in the process of being removed). The article points out that the code fragments in question had already been released into the public domain as well."
You mean that McBride's rants may actually have a bit of substance behind them? OK, most of the code is gone now, and what code was there was Public Domin anyway, but McBride whining about the simple fact that the code was there now has some merit to it?
oh, man.
I'm not a prophet or a stone-age man,
I'm just a mortal with potential of a super man.
This shows the minor things that SCO from which they are trying to gain. However, how small of "a copy" can be included before that is considering stealing?
For example, if I "borrow" one line from a song in my song... is that stealing?
If I borrow one line from another piece of literature in my "unique" work, is that stealing?
Are they admitting to the borrowing of a small amount of code here?
Everybody borrows; genius steals.
Davak
Notice how SCO didn't trumpet SGI's violations to the press. It took a more circuituous route of notifying SGI privately, and letting SGI spread the news themselves. Though there was much speculation, nothing was official until SGI's 10K. My guess is that SCO is starting to learn that trumpeting litigous claims to the press is not the way to proceed. I guess they are tired of defending against Landham (sp?) Act violations.
(I originally posted this to finance yahoo message board, but it is appropriate here.)
"found brief fragments of code matching System V code in three generic routines (ate_utils.c, the atoi function " they're complaining about copied atoi code?!?!?! exactly how many variations of converting ascii to integers could there be? And why would anyone care about something so simple? Unless it was a FUD screen...
You must be kidding to see that this damages SCO's case! If anything it strengthens it. You cannot just say "oops we made a mistake and everything is OK now". SCO can argue that lots of companies made money off of Linux and if their IP is in there then they should get a cut. That is the key though - is the code that SGI is mentioning actually public domain or not?
I don't see anything new here.
:-)
This was one of my thoughts as well. We still have no real idea what the hell anybody is talking about.
OK, OK, SGI said:
found brief fragments of code matching System V code in three generic routines (ate_utils.c, the atoi function and systeminfo.h header file), all within the I/O infrastructure support for SGI's platform.
OK so they point out a few places to look, but they also go on to say:
a result of that exhaustive investigation, SGI has discovered a few additional code segments (similar in nature to the segments referred to above and trivial in amount) that may arguably be related to UNIX code.
OK, so they found "a few" other things. What are those "other things"? OK, it's cool they are doing a bit of busting their asses to make sure that they are clean and that SCO is wrong, but it would be nice to see a bit more than that.
To any SGI person that may be reading:
I'm not downing the efforts, I'm just questioning the accuracy of what the hell is going on because none of us out here really know the TRUE facts.
I guess I could check with your diff's though...
I'm not a prophet or a stone-age man,
I'm just a mortal with potential of a super man.
SGI admitting to having contributed some System V code to the Linux kernel brings to mind a question I've had for years: what are the chances that in a big closed source project (like Windows for example), that some developer hasn't used some open source code at one point or another? How do you protect against this?
Is there a process to audit big companies code? MS threatens me with audits to check my license compliance, can I audit them to check that no open source code is in their products?
And for that matter, which license would win? If GPL'd code was found in a product like Windows, would Microsoft be forced to open source the entire thing?
If SGI, whom SCO sued as an afterthought, is guilty, what does that say about IBM, the real defendent. IBM must have really screwed up.
http://www.sltrib.com/2003/Oct/10012003/business/9 7397.asp:
SCO spokesman Blake Stowell said Tuesday that he understood the extension is being sought "for the purpose of gaining documents from IBM related to the patents they claim. . . . Some of the patents aren't even filed with the U.S. Patent Office, as far as we can learn."
From http://lwn.net/Articles/43592/ the patent numbers are:
4,814,746
4,821,211
4,953,209
5,805,785
Go here http://patft.uspto.gov/netahtml/srchnum.htm [uspto.gov]
Type in the patent numbers into uspto.gov form
You will find them all. Immediately. In fact they load up immediately after typing in the number.
SGI can fight well
Losses are being reduced
SGI has about $140m CASH in the bank, even without liquidating investments, and $270m revenue per quarter. (both more than 10X SCO)
SGI are also experienced and skilled at litigation.
SCO can argue that lots of companies made money off of Linux and if their IP is in there then they should get a cut.
So just how large is the economic damage that SCO has suffered? SCO will have to prove this. They have to show how they calculate these damages. Among the stuff IBM subpoenaed from SCO was all documents showing how SCO calculates the damages they claim to have suffered.
I wonder what the economic damages are from an improper 200 line contribution of trivial routines such as atoi()? Would the lack of SCO's version of this routine have caused you to buy SCO instead of Linux?
The price of freedom is eternal litigation.
I've seen a lot of people for the last few months expressing outrage over SCO's actions. If you are convinced that SCO has no case and that their claims are false, why not short their stock? Put your money where your mouth is. I have.
SCO has a P/E ratio over 80 lately which indicates it's stock price is inflated anyway so it makes sense. If they're going to be a bunch of lying bastards, why shouldn't we profit from them going out of business?
I am just saying that their case is strengthening.
Actually, their case is weakening, not strenghtening.
In the (still) unlikely event that there is SCO-owned code in Linux, they can only claim damages from the date they make the offending party aware. Since any potentially offending code has been removed before they've made the details available, their case is severely weakened.
Do some reading on the Doctrine of Laches.
Actually, you don't seem to get it. Copyright violations are not criminal offenses, but civil ones.
The question is not "guilt" but damages. A party who claims damages must show that they took steps to mitigate them. This is normally by notifying the offender of the offense so they can stop doing whatever it is. Then the case proceeds to assess if damage took place that should be compensated.
SGI removed code, so now the possible damages are limited to the economic damage that was caused while the code was present, if any, and if they actually used code not in public domain.
In your example if a manufacturing plant did not repair a situation that was shown to cause injury they would be more liable for future events. The fact that repairs were made afterward shows that steps were taken to prevent future injuries and this lessens their future liabilities while showing response to the current situation. It may not have effect on the case of the injured employee.
The SCO analog is that SCO claims "injury" but can not specify what should be repaired to correct the situation. In the manufacturing plant context thi is like claiming that I now own the plant because it caused injury, but I won't tell you what to fix.
> This seems to place SCO wholly at fault since it is thus their fault the infringing code continues to be in linux, by virtue of the fact they refuse to tell anyone what that infringing code is. The legal doctrine of due dilligence means a court will likely see it the same way.
... at fault ... the infringing code continues to be in Linux". However, mitigation ONLY applies to damages caused that SCO could have prevented (thus, in the past tense only). It has no bearing on SCO securing it's Copyright monopoly (if any) going into the future.
Um, I think you're confusing your doctrines.
First, you have due dilligence. This would apply to SCO finding their code in Linux before they went off and licensed it to others under the GPL. Worse, in doing so as as an integral part of their own business AND as a kernel source code contributor themselves. SCO did things, and it cannot be a mistake because they could'a, should'a, known better.
Second, we have mitigation of damages. This would apply to "place SCO
Bullshit. Are you trolling for SCO?
As I have stated previously,
You were wrong then, too.
Now SGI is ADMITTING that they put SYSV code in the Linux codebase.
No they're not. They're saying that they found code that happens to match some Sys V code in what they submitted -- less than 0.02% worth. The exact provenance of that code isn't clear, SysV may have got it from the same place SGI did. Your statement implies several levels of culpability that is just plain not in the SGI letter.
Whether or not it has been removed is IMMATERIAL for purposes of this case.
What case? So far the only "case" (lawsuit) is between IBM and SCO, and between RedHat and SCO. IF SCO decides to launch yet another lawsuit and sue SGI for copyright infringment (and remember, SCO has NOT made any copyright complaints against IBM (but IBM has against SCO)), then there may be a case. But SGI's action in removing the questionable code is VERY MATERIAL -- it limits SCO's claims. (Furthermore, since SCO has so far refused to reveal what code it thinks infringes, it may have no claim because it hasn't taken the necessary steps to mitigate damage.)
-- Alastair
for ( i = 0; i < max; ++ i )
The line of code above belongs to me, I wrote it and everyone who has any similar code, including code resulting in compilation needs to pay me.
The poster of the parent article is herby given notice of infringement and $150,000 damages for each infringement. I estimate that $1e12 (1 trillion dollars) is a good starting point.
The point I'm trying to make is that Copyright laws are far more complex than you make it out to be. Firstly, being a civil suit, damages need to be assesed. If damage to SCO is immaterial, then SCO is far worse position now by revoking SGI's licence because it will be easily shown to the jury as extortion.
As a counter-example, if IBM had released some unique feature, say for example as O(1) scheduler, from the Unix code base, then SCO would have some reason to rattle a little.
I remeber a civil suit once where someone was being sued for service overcharges and once of the pieces of evidence was a $75 overcharge which was even in doubt. The judge turned to the claimant's attorney and said somthing like this, "you have spent half and hour of the court's time attempting to show a transgression of $75. Do you realize just how much that 30 minutes of court time costs ?".
The point is, the judicial system expects parties to be fair. If I make a claim against someone, it is not fair that I make it difficult or impossible for you to continue to do business.
Altmier's letter is an excellent defence for SGI in this case. It shows that a) the infringement was trivial and hence the actual damage is negligible, b) the transgression was corrected rapidly to minimize any pervieved issues and c) SGI was attempting to be as fair as possible. SCO on the other hand is threatening to revoke an irrevokable license and damage SGI's ability to do buisness. If SGI counter-sues for damages of lost revenue they will win because SCO is not acting in good faith.
There is more. "IP" comes in 2 flavours, Copyright and Patents. What SCO is claiming here is unclear. It seems like the wording is regarding patents but they cite Copyright infringements as evidence. Their message simply does not make any legal sense. I recall a discussion once between an attourney and an engineer regarding a legal matter. Typical engineer is trying to navigate to a solution around a county building assessor who was being particularly difficult. After listening to the engineer's brilliant alternatives the attourney says "wait, you forget somthing, the guy is a moron.". This story parallel's the case of SCO vs the world.
Damage??
what damage? I found that this whole thing has actually helped linux. CTO's, managers and other are finally asking questions about this "linux thing". These are the same people that completely understand the IP rights mindset and know that SCO is up to no good when the whole thing is explained to them... I.E. "Example? ok, I think that your company ZXY corperation is violating my property rights in your product.. No you can't see what is in violation and I demand that you stop making your product now or pay me a fee for every unit you sell... oh and you have to pay me damages.."
No businessman in his right mind would do anything but call security on anyone making such claims... and that is EXACTLY the claim made by SCO..
Linux rollout has tripled, and after the latest exchange+server 2003 fiasco that left us without email for 4 days I'm betting that we will be replacing all W2003 servers before Q2 2004.
Do not look at laser with remaining good eye.
I am for open source as much as any enlightened software developer but sometimes we have to accept things we don't like. It is not in the best interests of the /. community to make assumptions that SGI is not legally liable for the introduced code by using the statements in their open letter. SGI's statement that they've removed the offending code and that it is probably public domain is as credible as SCO's statements that users should start paying royalties. Neither has had to prove their statements in the arena of open letters. This works best in court and likely a court case is the only way to solve this disagreement. I've read statements that have said it's only atoi and look it's already in the public domain but that's not the real issue. The fact is, for all developers, the law should protect every line of copywritten code. The reason is simple, if the law can't protect someone as large as SCO, what chance does the little one man programming show have? This is not to say that I agree with the tactics of SCO, they are completely unacceptable and outside of the boundries of good taste and good faith. But not all people feel bound to the unwritten rules of being a good person. It is the perogative of SCO to act this way and for what positive reason, I cannot find. Let's hope that even if SGI does get into trouble for this alleged breach of copyright, this entire fiasco turns into good press for SGI and causes all sorts of trouble for SCO in the future.
"Following this occurrence, we continued our investigation to determine whether any other code in the Linux kernel was even conceivably implicated. As a result of that exhaustive investigation, SGI has discovered a few additional code segments (similar in nature to the segments referred to above and trivial in amount) that may arguably be related to UNIX code. We are in the process of removing and replacing these segments."
It would be nice if they (IBM, SGI) ran the ENTIRE Linux/GPL code base through a tokenized comparison with their reference SCO Unix trees. Thus GPL community could start identifying and removing any suspect code NOW, rather than wait for a trial outcome.
Unlimited growth == Cancer.
Isn't SCO costing SGI an awful lot of time and effort (i.e. money) to scour code
:) early summer, which gives you an idea as to how much of the communications _don't_ get around. Who says that SCO didn't, in this case, identify the "offending" pieces?
;). I hope we make it through this. I _like_ working here.
I don't know about "a lot of money".
- SGI has the source code - I imagine it's not too hard to automate the searching for matches between Sys V code and what's being released.
- The communications between SCO and SGI are not public. SGI say that SCO contacted them (umm... ok, us, not that I know any more about this than you
SGI is struggling (I don't think I'm giving away any company secrets there
Cravath, IBM's usual law firm and their law firm in this case, is the biggest name in business litigation. They're incredibly expensive, very thorough, and usually win. If there's some fact or legal argument anywhere that will help the case, Cravath's army of lawyers, paralegals, technical experts, and non-legal staff will find it. Cravath has filled up entire buildings with staff for previous IBM litigation.
Basically, IBM will win this unless their attorneys screw up. And Cravath doesn't screw up. They have enough people checking each other to prevent that. That's the Cravath business model.
Reasonably soon, the IBM-SCO case will reach the discovery stage, where SCO will have to disclose documents to IBM's attorneys. We'll probably see some interesting disclosures about the SCO-Microsoft deal.
Meanwhile, SCO's stock is down from a high of 20 to about 15 today.
Main Principles: "#6 Use software leverage to your advantage. Good programmers write good code, great programmers borrow good code."
It is true that you cannot erase damages, just mitigate them. In this case, SGI is working to remove problems it may have caused, even though SGI believes they can prove that the contributed code was released by SCO under a BSD-style license.
US courts, in addition to seeing the actual negligence or malice involved, will also look at the actual damage caused. If SCO claims damages because code that they themselves released to the public under an unrestricted license was used in a program, they'll be asked to describe exactly what damage was caused.
In addition, if SCO is so incompetent that they themselves did not review the linux code that they were distributing, and that they forgot that they released a lot of code under a BSD license on their own, they will have a hard time proving that SGI damaged them at all.
It's legally valid because you didn't licence your car from Ford -- you purchased an object. Things like cars and toasters aren't (yet) subject to licencing (just wait til your toaster has software on it though... betcha the box has a EULA).
You did, however, licence your linux software from the developers who wrote it and if they stole code, you, as a licencee, may be responsible, not for damages, but for payment of licencing fees on the code that was misappropriated.
We could argue all day about wether software *should* be considered identical to a physical object, but at present it is not. You don't buy software, you buy software licences, always.
So in summary, yes, it *could* stand up in court, not as a liability issue, i.e. damages for past illegality, but as an issue of paying a licence for the use of SCO IP. This presupposes that they can prove that Linux actually carries any such IP and that the version of the kernel you happen to be using contains any of it. The first is highly questionable and the second will be moot about a week after any infringing code segments are actually identified.
(the latter case, incidentally, does nothing to help IBM in their contractual dispute which *is* a liability issue and *is* about past damages. If infringing code is found, even if the code is removed from the linux sources, those responsible for the misappropriation, presumably IBM, will be held liable for damages. However, users should be free and clear, though linux's reputation would be substantially tarnished.)
[i am, of course, not a lawyer, but i'm pretty sure my understanding is correct.]
Interesting... with their share price at $0.94, their market capitalization is $197.95M. To compare, Sun's market cap is still $10.27B these days. Here's the worst: SCO has a market cap of 209.63M today. SCO worth more than SGI? puke.
Who do you get to be an expert to tell you something's not obvious? The least insightful person you can find? -J Roberts
I suspect that C compilers written for DOS, Windows, and Mac OS could even be considered 'derivative works of SysV' under this theory. And since so many programs are written in C (or a derivative such as C++) it just stands to reason that each one of those programs is therefore a derivative of SysV. Maybe that's why Darl thinks that all modern OSes are derivatives - they're all written in C, and all your compiler are belong to us!
The whole indemnification thing is another area, if you buy in to Sun's or HP's indemnification program, you essentially start to give up your rights to the software, the very rights RMS has been fighting for. They put hard limits on how you can use the software, where you can use it, etc.. Should parts of the industry buy in to those games more fully it put's a serious damper on the use of free software. Fundamental freedom type stuff, like Sun won't let you use Linux in the "server" and indemnify it. Further research on it shows that they are trying to leverage that so that you can't use Linux on *any* server if you wish to be part of their program. Those are hard things to undo once done if there is market support for them.
Either way, the damage to Linux has been done.
;-)
I disagree. As a decision maker in a company (more influencer than maker) I report to an older MIS director who has feared bringing Linux in at all. His fear was based on the fact that his perception of Linux folk was long haired trash talking freaks...despite the fact that I advocated bringing it in and do not match the description....well, I have short hair anyway
We use Sco Unixware to run our Main CRM apps. The director has been following the controversy and a few weeks back when I said that we needed to do better security auditing he (quite out of character) said "Can't Linux do that" So I got Linux running along with MANY great tools on our network. Then our Sco server hiccuped and our Sco guru came out and preached Scos case and the director told me later "The linux developers seem to be attempting due dilligence and the Sco guys are just freaks. Can our apps run on Red Hat?" You tell me....
Who looks bad now?
And according to SGI, it's questionable whether any of the code even got compiled. It seems like it was old code left in the source, but not even called upon at compilation.